diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2004-06-09 20:38:33 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2004-06-09 20:38:33 +0000 |
commit | aee04e84c357d037c5c42a4e2bc262677b3c19de (patch) | |
tree | 79244ac20326f809f3f01b8e4e951cb1356fc1da /security/vuxml | |
parent | 2f575987b5c79839fb3c434b30eb77323a91d4b6 (diff) | |
download | ports-aee04e84c357d037c5c42a4e2bc262677b3c19de.tar.gz ports-aee04e84c357d037c5c42a4e2bc262677b3c19de.zip |
Notes
Diffstat (limited to 'security/vuxml')
-rw-r--r-- | security/vuxml/vuln.xml | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 0a6e34320351..c3f9067213a4 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -30,6 +30,36 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="6f955451-ba54-11d8-b88c-000d610a3b12"> + <topic>Buffer overflow in Squid NTLM authentication helper</topic> + <affects> + <package> + <name>squid</name> + <range><lt>2.5.5_9</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Remote exploitation of a buffer overflow vulnerability in + the NTLM authentication helper routine of the Squid Web + Proxy Cache could allow a remote attacker to execute + arbitrary code. A remote attacker can compromise a target + system if the Squid Proxy is configured to use the NTLM + authentication helper. The attacker can send an overly long + password to overflow the buffer and execute arbitrary + code.</p> + </body> + </description> + <references> + <url>http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities&flashstatus=false</url> + <cvename>CAN-2004-0541</cvename> + </references> + <dates> + <discovery>2004-05-20</discovery> + <entry>2004-06-09</entry> + </dates> + </vuln> + <vuln vid="fb5e227e-b8c6-11d8-b88c-000d610a3b12"> <topic>jailed processes can manipulate host routing tables</topic> <affects> |